Data Privacy: Now Boarding: Pointwest Conducts Briefing on Data Privacy
October 3, 2019
Pointwest, a leading IT company in the Philippines, held an executive briefing on cybersecurity entitled “Data Privacy: Now Boarding” last September 20, 2019, 3-5 pm at Conti’s Bakeshop and Restaurant, Greenbelt 2, Makati City.
Attendees from airlines, travel agencies, and insurance brokerage firms graced the event. These organizations deal with sensitive personal information which should be secured in compliance with Republic Act 10173, or the Data Privacy Act of 2012.
The resource speakers were composed of Pointwest Cybersecurity experts, led by Chief Information Security Officer Rene Canlas. The other speakers were Information Security Analysts Arra Camile Patria and Jen Sherrina Martinez, and Software Engineer Christine Balanaa.
Below are the topics of the talks and their respective contents:
Oversharing in Social Media – Arra Camile Patria
Pointwest Information Security Analyst Arra Camile Patria discussed how sharing too much information on social media may compromise people’s privacy and safety. Sometimes, social media users may feel too complacent and share information such as their current location and photos of their identification cards. Cyberattackers take advantage of this by stealing the identities of social media account users. To combat this, Arra gave tips on how to avoid online oversharing. She also identified the signs of being a social media addict.
“Choose your content wisely,” Arra asserted, encouraging people to think before they click and be selective of what they share on social media.
Social Engineering – Jen Sherrina Martinez
Pointwest Information Security Analyst Jen Sherrina Martinez discusses the phenomenon of Social Engineering, which is the psychological manipulation of people into performing actions or divulging confidential information. Social Engineering is the underlying concept with some of the more common cybercrimes like email phishing, malicious fake software updates, viral hoaxes, and voice phishing. Jen shared reasons people fall victim to social engineering, and how to spot signs of the phenomenon in action.
“Vulnerable humans are the weakest link in the cybersecurity chain,” Jen informed the attendees, declaring that besides protection measures like firewalls, access controls, and anti-virus software, one of the strongest forms of protection is keeping employees well-informed about cybersecurity measures.
The Other Side of Data – Christine Balanaa
To be able to protect data better, it is important to understand its nature. Pointwest Software Engineer Christine Grace Balanaa discussed data and its general states: data at rest, data in use, and data in transit. She shared that people create 2.5 quintillion bytes of data each day, and that all information on the internet would take around three million years to download. The volume alone makes people susceptible to leave pieces of themselves through data trails in URLs, search histories, booking information, QR codes and the like.
“Just because you can collect information doesn’t mean you should,” Christine stressed, promoting responsible data gathering among companies.
How Data Privacy Affects Operations – Rene Canlas
Pointwest Chief Information Security Officer Rene Canlas focused on the Data Privacy Act of 2012. To start his talk, he defined personal information, sensitive personal information, and privileged information. Along with this, he also discussed the rights of data subjects. He also tackled which types of business the Data Privacy Act (DPA) apply to, and the penalties for non-compliance. He also discussed the 5 Pillars of DPA Accountability and Compliance, providing a roadmap for companies to follow in their DPA compliance journey.
“The Data Privacy Law serves to protect personal data and provide guidance on how it is used and stored,” Rene said. “Businesses need to know what personal data they collect, use, and store. They also should know the purpose they are collecting them.”
Question and Answer
After the talks, a panel discussion was also held to accommodate the queries of the audience regarding data privacy. Among the questions are the following:
- Who’s accountable for a data breach: the Data Protection Officer (DPO), or the management?
To this, Rene answered that it’s on a case to case basis. The DPO should act as an adviser who will let the company know of vulnerabilities of the system. If the DPO failed to report these vulnerabilities, then the DPO is accountable. If DPO reported but the company failed to follow his/her recommendations without a valid reason, then the company itself is liable.
- What are the immediate, actionable steps one can perform to prevent data breaches?
Rene recommended starting with a Privacy Impact Assessment (PIA). “PIA is an eye-opener,” Rene said. “You wouldn’t know what to protect unless you know the vulnerabilities, which you can learn through PIA.”
The event ended with the awarding of certificates for the speakers and the attendees.
“This series of Executive Briefings are conducted by Pointwest to increase awareness of the public on various technology issues such as Security, Automated Testing and Intelligent OCR. As a 100% Filipino company, it is incumbent upon Pointwest to take advantage of the vast experience the company has gained serving international clients and pass those expertise and experience to the local market, ensuring support for the local IT industry and pushing the continued growth Philippine economy,” quipped Pointwest Executive Director Leo Querubin. The Marketing and the Business Development Teams under Mr. Querubin, along with the Cybersecurity Team, spearheaded the event.
Pointwest is an IT company in the Philippines. Founded in 2003 by pioneers of the Philippine Global Sourcing industry, Pointwest creates value for its list of satisfied clients — including top Fortune 100 and local companies — with world-class digital innovation and IT modernization services backed by international-standard methodologies, and innovative practices.
For Inquiries, contact us:
+632 814 1100 (Trunkline)
+1 (888) 210-9078 (US Toll-Free)